Adaptive offers two delivery methods for phishing simulations: SMTP (Simple Mail Transfer Protocol) and DMI (Direct Message Injection). Before setup, decide which option best fits your organization’s environment and email infrastructure.
| SMTP | DMI |
Definition | Traditional email sending via mail servers | API connection to Microsoft 365 or Google Workspace that allows Adaptive to insert emails directly into inboxes |
Best for Orgs that: |
|
|
Whitelisting | Primarily whitelist by IP address (whitelisting by sending domains and headers also recommended) | Primarily whitelist by header, since DMI emails do not have IP addresses |
Deliverability | May face spam or quarantine issues if whitelisting is incomplete; ongoing maintenance may be needed if tools or policies change | Bypasses most delivery filters, resulting in higher delivery rates; however, post-delivery security tools still require tuning |
Workspace requirements | None - can send to any verified email domain | Only one DMI integration is supported per Adaptive tenant. This means all users who will receive phishing simulations must belong to the same Microsoft 365 or Google Workspace |
Moving forward with SMTP? See our guide: Setting up SMTP to Send Phishing Simulations
Moving forward with DMI? See our guide: Setting up DMI to Send Phishing Simulations